Welcome to the Lounge

The Lounge is rated PG. If you're about to post something you wouldn't want your
kid sister to read then don't post it. No flame wars, no abusive conduct, no programming
questions and please don't post ads.

Ask them how they would go about making M&M's. There is no correct answer, of course; the point is to confuse and fluster them. Don't accept their first or second or third answer. Keep berating them about it. This should comprise the bulk of the interview.

(Is anyone besides me old enough to remember this one? Still irks me!!)

This is a giant can of worms. I think the first thing to do is to read Joel Spolsky's blog posts and his book.

Now before you even get to the job interview, start surfing the job boards and figure out how you stand out. Take a look at Glassdoor.com and see how your company is doing. Make sure that you know what you are looking for, check your salary ranges and benefits packages, know which trade-offs you are willing to make on a candidate and ensure that you're not just on a wild goose chase. Sometimes you're trying to hire experts and sometimes it's just "warm bodies", these interviews require different things.

Recognize that the last year or two are possibly the most difficult times ever to hire an experienced developer. Demand is very high right now and salaries are very competitive.

Now to the actual interview:

- Whiteboard coding is acceptable, but actual coding is much better. Give them a laptop with tools and no net connection and let them build something.
- Don't be afraid to throw people out. You will be doing lots of interviews, possibly 10 or more to fill a single position. If this person is a complete mismatch, save everyone's time and let them go early.
- When asking questions about previous jobs, be very specific about what elements the candidate actually completed. The industry still has lots of deadweight and charlatans. You want to avoid people who were "part of a project" without actually "delivering the project".
- Some of my favorite questions:
-- What new languages or toolsets have you learned in the last 12 months?
-- Tell me about your side projects.
-- What are your favorite programming tools? (Experienced programmers should have some type of "toolbox")
-- Do you contribute to any development community? (stackoverflow answers, google groups on FOSS products, etc.)
- Some classic questions:
-- Tell me about failure at a previous job, how did you recover or deal with the fallout? (this one should always have an answer, people fail, you need them to be able to recognize failure)
- Ask them business questions, especially about their previous jobs. I try to get an idea for company size, team size, involvement with other stakeholders. Most software has multiple stakeholders and sometimes dealing with those stakeholders is just as important as programming competency.

The key thing I look for is some type of continuous training and experimentation. Programming is a rapidly evolving field, there is always something to be learning. And people who are continuously learning are the people most likely to be useful over time.

You must also be prepared to answer their questions about the job:
- Salary / benefits / vacation, etc. If this is not your question to answer, know who it will be.
- "Tell me about a typical day at this office, what happens, what's it like?". I ask this all of the time in my personal interviews. Lots of people tip their hand about poor working conditions, always being behind, etc. Be prepared with a clean answer to such a question.
- "What's your favorite project since you've been here?". Again similar to above.

You will get lots of duds during the interview process. But when you do find a match, remember that you also have to sell your company to them. Qualified candidates are often fielding multiple job offers and they typically have a current job.

With so much amount of cyber infiltration, intrusion attempts, hacking and sabotages reported even on biggies like RSA, I am surprised to witness business models like online password managers. I recently came across a website like http://www.passpack.com/en/home/[^]. How do people get confidence to entrust their entire identity with a lesser known third party?

In my personal view, I am even afraid of store confidential content in Microsoft Office products like Excel and prefer them to be saved in my MySQL and access via my indigenous PHP application through my WAMPS.

I use lastpass however I only use it for local accounts 192.168.X.X (both home and work) and online forums where the damage that someone can do if they got my password is minimal. I do not have any financial accounts in lastpass. Although that ends up causing me to have much simpler passwords for my financial accounts than my forum accounts which seems backward however it will have to do for now..

I use LastPass as well, but I use it for everything. The way it's set up (from my understanding) even if someone got access to the file saving your passwords they'd still need to decrypt it, and my password for it is long and complicated. I'm not sure what encryption they use, but most of the current standards can only be quickly cracked if the cracker is used on a computer that has recently had the password in memory, and that means to crack it they would likely need access to my computer anyways (because even on the fastest brute forcing machines the universe will likely die before my password is cracked that way).